EUVD-2016-4956

Malware in sbrugna...

CVE-2025-2066

A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack can be initiated remotely. The exploit...

3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream...

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

A new variant of the macOS malware tracked as UpdateAgent has been spotted in the wild, indicating ongoing attempts on the part of its authors to upgrade its functionalities. "Perhaps one of the most identifiable features of the malware is that it relies on the AWS infrastructure to host its...

An Insidious Mac Malware Is Growing More Sophisticated

When UpdateAgent emerged in late 2020, it utilized basic infiltration techniques. Its developers have since expanded it in dangerous ways...

The evolution of a Mac trojan: UpdateAgent’s progression

Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms. The trojan, tracked as UpdateAgent, started as a relatively basic information-stealer but was observed distributing...

The evolution of a Mac trojan: UpdateAgent’s progression

Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms. The trojan, tracked as UpdateAgent, started as a relatively basic information-stealer but was observed distributing...

UpdateAgent malware variant impersonates legitimate macOS software

By Waqas According to Microsoft Security Intelligence, the new variant of UpdateAgent malware is also capable of dropping adware against macOS. This is a post from HackRead.com Read the original post: UpdateAgent malware variant impersonates legitimate macOS software...

Lenovo Accelerator Application Man-in-the-Middle Attack Vulnerability

Lenovo Accelerator Application is a set of accelerator programs from the Chinese company Lenovo Lenovo designed specifically for Intel chipsets. A man-in-the-middle attack vulnerability exists in the UpdateAgent in the Lenovo Accelerator Application. The vulnerability can be exploited to conduct ...

CVE-2016-3944

UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com...

Design/Logic Flaw

UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com...

CVE-2016-3944

UpdateAgent in Lenovo Accelerator Application allows man-in-the-middle attackers to execute arbitrary code by spoofing an update response from susapi.lenovomm.com...

CVE-2016-3944

CVE-2016-3944 describes a vulnerability in the Lenovo Accelerator Application UpdateAgent that allows a remote attacker with network access to perform a man-in-the-middle attack by spoofing update responses from susapi.lenovomm.com, enabling arbitrary code execution. Affected product: Lenovo Acce...

Lenovo Tells Users to Uninstall Vulnerable Updater

Lenovo has waved the white flag on a vulnerable component of its pre-installed software updater and recommends that users uninstall it from more than 110 notebook and desktop models running Windows 10. The decision to have users yank the Lenovo Accelerator Application comes days after a Duo Labs...

CVE-2008-2439

Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and...

Directory traversal

Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and...

CVE-2008-2439

Directory traversal vulnerability in the UpdateAgent function in TmListen.exe in the OfficeScanNT Listener service in the client in Trend Micro OfficeScan 7.3 Patch 4 build 1367 and other builds before 1372, OfficeScan 8.0 SP1 before build 1222, OfficeScan 8.0 SP1 Patch 1 before build 3087, and...